[legacyb4]

Joel,

Forgot to mention… I’m using OS X 10.2 Server.

Cheers.

[quote:de9cec272f=”MacTroll”]Check /etc/postfix/main.cf

There should be a setting for who you are in here. Although I thought it reversed your IP and used that, so maybe check your reverse DNS.

Joel[/quote:de9cec272f]

[legacyb4]

Made the changes and stunnel started working mysteriously for me as well.

DNS is all I can think of though.

Cheers.

[quote:4fa6638d4c=”mattv”]Keep in mind, this may have been happening due to a bad setup somewhere else. Regardless, i resolved the problem by going into the config file and making the following changes:
[code:1:4fa6638d4c]
[imaps]
accept = xxxxx.com:993
connect = xxxxxx.com:143
[/code:1:4fa6638d4c]
So essentially, just add you mail servers fully qualified domain name before the port. It will do a DNS lookup and will use your IP address for that domain.

So, I just reran stunnel, and bingo, secure tunneling is all good.

Hope this helps anyone who is having issues. [/code][/quote:4fa6638d4c]

[legacyb4]

Any idea what port? I thought it would be 8080 but it doesn’t seem to like that. More importantly, where can this be configured/changed?

Below is a list of commonly used ports by Apple software products.

http://docs.info.apple.com/article.html?artnum=106439

Cheers.

[quote:3719196928=”papastanley”]Hi,

You can configure the web proxy in the web services section of the Server Settings application – you’ll need to authenticate as admin for the server to connect to your OS X Server to make this change.

May require a web services restart.

If you are trying to do this from your laptop to the server you’ll need a copy of the admin tools installed (comes with OS X server, but not with OS X client)

regards

.:S:.[/quote:3719196928]

[legacyb4]

Haven’t tried myself but have heard it can be a real pain.

Apple has a script out there to help things move along…

http://docs.info.apple.com/article.html?artnum=107637

Hope that helps.

[quote:582a4477fb=”nbirnbaum”]Hey all,

One of my clients is moving offices this weekend and I’ll need to set up their server on the new IP. They’re currently running internal DNS, POP & IMAP mail, file services, and WebDAV for iCal.

The consultant who set up the box is telling me that config files and user settings need to be changed–and “in the right order.” This is news to me, as I figured I could just reconfigure DNS, and change the hostnames in the Server Settings app. Am I missing something major here?

Thanks again,
Noam[/quote:582a4477fb]

[legacyb4]

I, too, would like to know what the server requirements would be for implementing Netboot. While my user base would be less than 10 users sharing the same OS setup, what would the disk space/RAM requirements be?

If I’m not mistaken, once the machine has contacted the server and booted, there is no real “load” on the NetBoot server, is there (ie. server-side processing)?

Cheers.

[quote:b1823e31cf=”SchechterGary”]To have 300ibooks would this require more than 2 g4s with dual 1ghz?[/quote:b1823e31cf]

[legacyb4]

As long as you have each DHCP server managing non-overlapping ranges of addresses in the same subnet, you should be fine. I have a Win2k-based DHCP server managing 1/4 of the DHCP range on standby just in case something goes wrong with the main server.

Cheers.

[quote:b7227b1952=”ikellen”]Not totally sure, but I’m pretty sure we run a Windows 2000 DHCP server inside of our routers. On another subject, is it possible to run thw Win2k DHCP AND a Mac OS 10.2 server that runs DHCP on the same subnet?[/quote:b7227b1952]

[legacyb4]

Do also include a reverse lookup (PTR) record as well on your DNS records for best results.

Cheers.

[quote:e373f3be9b=”lksixt”]arghh… so very simple. W2K DNS will update windows machines automatically, but not OS X. So just added a new host record for my OS X server and all is well in the world.

~laura[/quote:e373f3be9b]

[legacyb4]

On a parallel note, is it safe to simply edit these two files to change the IP address of the server and reboot or is it necessary to run the Setup utility to make the changes stick?

We put a vlanning switch in at work where my server is being hosted and I’d like to move it off the regular work subnet and was wondering what the easiest way would be without having to reinstall or possibly lose user data…

Cheers.

[quote:172c3ff7cb=”MacTroll”]/var/db/SystemConfiguration/preferences.xml holds all of you configuration information. This is written out by the Network system preference and then used by configd to configure your network.

Information about your interfaces, speed settings and such, are managed by /var/db/NetworkInterfaces.xml[/quote:172c3ff7cb]

[legacyb4]

Depending on complexity of your needs, I’d recommend [b:e7858df280][url=http://www.geeklog.net]Geeklog[/url][/b:e7858df280] as this is a pretty straightforward, easy to use one.

Cheers.

[quote:e7858df280=”kachunga”]It seems that there is a bazillion web logging / content management systems out there. So the question becomes which to use??? I have looked at several but have never put one into production:
[list:e7858df280] -PHPNuke [url]http://www.phpnuke.orh[/url]
-PostNuke [url]http://www.postuke.com[/url]
-PHPSlash [url]http://www.phpslash.org/[/url]
-SlashCode (slashdot) [url]http://www.slashcode.org[/url]
[/list:u:e7858df280]
Any thought on any of these???

Thanks[/quote:e7858df280]

[legacyb4]

Hamish,

Is someone hosting your external DNS and you are doing just internal?

Cheers.

[quote:9433ddfd90=”hamishb”]I would appreciate someone drawing a little diagram and showing external and internal IP addresses, A records, MX records and CNAMES etc.

[/quote:9433ddfd90]

[legacyb4]

While not quite a hardware VPN gateway in the sense of no moving parts, I did set up (yet another) Linux-based solution a few nights ago as my home router started to go on the blink.

While I have been dabbling with several different alternatives in the past, I decided to try out [b:7e62e51012][url=http://www.smoothwall.org]SmoothWall[/url][/b:7e62e51012] to see if the product they offered was any good.

Breaking out my trusty test PC, I stuffed in an extra NIC, downloaded the 21MB ISO file, and within 20 minutes, I was configuring my new gateway for my local home network. Note that initial configuration of what network card is used for what network segment is done on the PC itself, but everything else is done 100% through browser.

While not as complex and possibly not as full-featured as Mandrake Linux’s MNF product, this one is free, very straightforward, and easy to manage. It offers the following features:

– firewalling (duh)
– DHCP server
– SSH access and configuration
– IDS (snort)
– VPN (IPSec)
– browser-based updates to the system

I’m going to try and see how to get an IPsec tunnel up and running between my home network and work server. Already got a firewall on the work end but I should be able to rip open a hole to let the necessary traffic through for test purposes.

Check it out. After all, no sense in wasting a Mac to do the job a low-end PC/Linux combo can do…

Cheers.

[edit]

I ended up actually using a branch of Smoothwall called [b:7e62e51012][url=http://www.ipcop.org]IPCop[/url][/b:7e62e51012] as it seemed to be a bit more refined and the interface better laid out. More or less the same functionality except with an updated kernel, support for PPTP, and upgraded DHCP server functionality (ability to assign static leases).

[quote:7e62e51012=”Soundbytes”]Does anyone have, or know of, a list of known good hardware VPN gateways that work in Mac OS 10.2 land?

Thanks in advance.[/quote:7e62e51012]

[legacyb4]

Joel,

Got it. Thanks for the feedback.

I’ve got a Linux box already running as my SSH server which has postfix already installed. Guess I’ll give SA a shot and see if it’s any more effective than the GFI box.

The biggest problem I’m realizing with the GFI solution is that it runs on a set of static filters and rules rather than an adaptive rating system like SA does. I’m also assuming that Postfix/Exim will allow forwarding by domain so that mail addressed to each domain goes to the respective server.

Thanks.

[quote:96814a426c=”MacTroll”]There is no reason why you can’t run SA on another machine from your final mail server.

The key here is the rules that you put into your MTA. For example:

Internet > Exim (MTA) with SA > local network > Apple Mail Server

Just make sure that your MTA with SA is doing two things. 1. That it bounces or dumps mail flagged by SA instead of forwarding them on. This is a simple rule that looks at the spam header from SA and then acts accordingly. 2. you need a final delivery rule that forwards all mail over SMTP to your Apple Mail Server. Now AMS doesn’t have to do anything fancy, it just accepts mail from the MTA.

Joel[/quote:96814a426c]

[legacyb4]

I’ve set up GFI’s MailEssentials for another network I deal with and have it set up as:

Incoming mail (outgoing mail also piped through the SMTP relay server)
Internet => SMTP relay (with GIF ME) => Exchange 5.5 server

So, in similar fashion, I assume that SA is used as:

Internet => MTA (with SA) => Apple Mail Server

with all components residing on the same machine? Logic then says that I should be able to run the MTA (with SA) on a physically separate machine from AMS and pipe filtered mail through to either mail server, right?

However, SA merely “tags” the incoming mail so that the user can identify what is spam or not. I think I caught a glimpse in the docs, but there is also server-side filtering so that tagged mail never even reaches the mailbox, right?

[quote:58ed54fa57=”MacTroll”]Sure. There are a lot of ways you can use SA. Either through an MTA, like Exim or Postfix, or you should be able to get procmail to feed it on a user by user basis also.

I’ve got an extra Intel box sitting around; would it be worth it to dump a simple Linux server on it and set up SA on top of that?

Cheers.

Joel[/quote:58ed54fa57]

[legacyb4]

Joel,

Thanks for the feedback. I will have to keep my eye open for any deals on an Acard.

In the meantime, I guess [url=http://ohlssonvox.8k.com/fdd_raid.htm]this RAID on FDD solution[/url] might have to be the way to go… 😯

[quote:60b95c0a85=”MacTroll”]I set up an Acard a little while ago. As far as I know it’s still working fine. Haven’t heard back from my buddy who’s using it.

If I remember correctly, you are correct that it just shows up as one volume to the machine. I believe that there is a software application that allows you to manage it as far as rebuilding it goes.

I did walk away from the install thinking that it was incredibly simple to set up and much easier then the Arco card. Plus cheaper too.

Joel[/quote:60b95c0a85]

[legacyb4]

Guess it’s okay with 10.2.3 or later!

http://docs.info.apple.com/article.html?artnum=107252

[quote:922ef32e43]To use disk quotas in conjunction with journaling, update to Mac OS X Server 10.2.3 or later.[/quote:922ef32e43]

Cheers.

[Author]

Posts